|
version 1.19, 2002/05/10 16:17:45
|
version 1.40, 2003/05/02 19:25:01
|
|
Line 25 Make a LON-CAPA system work with shadow
|
Line 25 Make a LON-CAPA system work with shadow
|
| Installing LON-CAPA files</a></li> |
Installing LON-CAPA files</a></li> |
| <li><a href="#checkrpms"> |
<li><a href="#checkrpms"> |
| Checking your Linux RPMs</a></li> |
Checking your Linux RPMs</a></li> |
| |
<li><a href="#fixhosts"> |
| |
Fixing <tt>/etc/hosts</tt></a></li> |
| <li><a href="#mysql"> |
<li><a href="#mysql"> |
| Configuring the MySQL database</a></li> |
Configuring the MySQL database</a></li> |
| <li><a href="#testing"> |
<li><a href="#testing"> |
| Testing to see if the LON-CAPA server is operational</a></li> |
Testing to see if the LON-CAPA server is operational</a></li> |
| </ul> |
</ul> |
| |
<p> |
| |
<strong>NOTE:</strong> |
| |
If you want to simultaneously install both RedHat 7.3 and LON-CAPA |
| |
(to ensure 100% reliability), follow <a href="rh73.html">these |
| |
alternative directions</a>. |
| |
</p> |
| <br /> |
<br /> |
| <!-- preamble end --> |
<!-- preamble end --> |
| <!-- maintext start --> |
<!-- maintext start --> |
|
Line 49 LON-CAPA server:
|
Line 57 LON-CAPA server:
|
| <tr><td> |
<tr><td> |
| <font size="+1">1</font> |
<font size="+1">1</font> |
| </td><td> |
</td><td> |
| <p>Is your system using shadow passwords? (Note: LON-CAPA will |
<p>Is your system using shadow passwords? (Note: LON-CAPA will work |
| work with either MD5/non-MD5 configured systems). If your |
with either MD5/non-MD5 configured systems). It is strongly |
| system is not using shadow passwords, then do not perform |
recommended to use shadow passwords. If your system is currently not |
| any of the additional steps. If your system is using shadow |
using shadow passwords, run the "pwconv" command (as root) in order to |
| passwords, then you will need to perform the additional steps below. |
convert to shadow passwords. If you choose not to use shadow |
| |
passwords, then do not perform any of the additional steps. If your |
| |
system is using shadow passwords, then you will need to perform the |
| |
additional steps below. |
| </p> |
</p> |
| <p> |
<p> |
| <strong>How to detect:</strong> |
<strong>How to detect:</strong> |
|
Line 71 the steps below.
|
Line 82 the steps below.
|
| running the following command |
running the following command |
| </p> |
</p> |
| <p><tt> |
<p><tt> |
| wget http://www.wwnet.net/~janc/software/mod_auth_external-2.1.13.tar.gz |
wget http://www.unixpapa.com/software/mod_auth_external-2.1.15.tar.gz |
| </tt> |
</tt> |
| </p> |
</p> |
| </td></tr> |
</td></tr> |
|
Line 82 wget http://www.wwnet.net/~janc/software
|
Line 93 wget http://www.wwnet.net/~janc/software
|
| running the following command |
running the following command |
| </p> |
</p> |
| <p> |
<p> |
| <tt>tar xzvf mod_auth_external-2.1.13.tar.gz</tt> |
<tt>tar xzvf mod_auth_external-2.1.15.tar.gz</tt> |
| </p> |
</p> |
| </td></tr> |
</td></tr> |
| <tr><td> |
<tr><td> |
|
Line 92 running the following command
|
Line 103 running the following command
|
| running the following command |
running the following command |
| </p> |
</p> |
| <p> |
<p> |
| <tt>cd mod_auth_external-2.1.13/pwauth/</tt> |
<tt>cd mod_auth_external-2.1.15/pwauth/</tt> |
| </p> |
</p> |
| </td></tr> |
</td></tr> |
| <tr><td> |
<tr><td> |
|
Line 102 running the following command
|
Line 113 running the following command
|
| </p> |
</p> |
| <p> |
<p> |
| Determine the user id of 'www': |
Determine the user id of 'www': |
| <br /><tt>grep ^www /etc/passwd | cut -d':' -f3</tt> |
<br /><tt>id -u www</tt> |
| <br /> |
<br /> |
| Change the line |
Change the line |
| <br /><tt>#define SERVER_UIDS 99 /* user "nobody" */</tt> |
<br /><tt>#define SERVER_UIDS 99 /* user "nobody" */</tt> |
|
Line 144 Edit (creating the file) /etc/pam.d/pwau
|
Line 155 Edit (creating the file) /etc/pam.d/pwau
|
| <h3>Installing LON-CAPA files</h3> |
<h3>Installing LON-CAPA files</h3> |
| <p> |
<p> |
| Download the most current |
Download the most current |
| <a href="http://install.lon-capa.org/versions/current/loncapa.tar.gz"> |
<a href="http://install.lon-capa.org/versions/loncapa-current.tar.gz"> |
| loncapa.tar.gz</a>. |
loncapa-current.tar.gz</a>. |
| </p> |
</p> |
| |
<table bgcolor="#aaaaaa" border="1"> |
| |
<tr><td><tt>wget http://install.lon-capa.org/versions/loncapa-current.tar.gz |
| |
</tt> |
| |
<br /> |
| |
<tt>tar xzvf loncapa-current.tar.gz</tt> |
| |
<br /> |
| |
<tt>cd loncapa-N.N</tt> (N.N is the version number)</td></tr> |
| |
</table> |
| <p> |
<p> |
| The <strong>UPDATE</strong> command will refresh your filesystem with all |
The <strong>UPDATE</strong> command will refresh your filesystem with all |
| the latest LON-CAPA software. |
the latest LON-CAPA software. |
|
Line 163 against an FTP repository.
|
Line 182 against an FTP repository.
|
| <table bgcolor="#aaaaaa" border="1"> |
<table bgcolor="#aaaaaa" border="1"> |
| <tr><td><tt>./CHECKRPMS</tt></td></tr> |
<tr><td><tt>./CHECKRPMS</tt></td></tr> |
| </table> |
</table> |
| |
<p> |
| |
Also, please be sure to install the LON-CAPA-systemperl RPM as described on |
| |
the <a href="/docs/downloads/index.html">Downloads</a> page. |
| |
</p> |
| |
<a name="fixhosts" /> |
| |
<h3>Fixing <tt>/etc/hosts</tt></h3> |
| |
<p> |
| |
A common RedHat glitch of new installations (RedHat's fault, not LON-CAPA) |
| |
is the generation of /etc/hosts. |
| |
</p> |
| |
<p> |
| |
It should look something like this (except the <tt>myschool</tt> line |
| |
should be replaced with settings specific to your machine): |
| |
</p> |
| |
<table bgcolor="#aaaaaa" border="1"> |
| |
<tr><td> |
| |
<pre> |
| |
127.0.0.1 localhost.localdomain localhost |
| |
12.34.56.78 www.myschool.edu myschool |
| |
</pre></td></tr> |
| |
</table> |
| <a name="mysql" /> |
<a name="mysql" /> |
| <h3>Configuring the MySQL database</h3> |
<h3>Configuring the MySQL database</h3> |
| <p> |
<p> |
|
Line 171 on your LON-CAPA server.
|
Line 211 on your LON-CAPA server.
|
| <br />Note: |
<br />Note: |
| </p> |
</p> |
| <ul> |
<ul> |
| <li>you should substitute 'WWWPASSWORD' with the value for 'lonSqlAccess' |
|
| present inside <tt>/etc/httpd/conf/loncapa.conf</tt> <i>or in access.conf</i> |
|
| </li> |
|
| <li>you should substitute 'ROOTPASSWORD' with something very hard to guess |
<li>you should substitute 'ROOTPASSWORD' with something very hard to guess |
| (it does not have to be the Linux OS root password) |
(it does not have to be the Linux OS root password) |
| </li> |
</li> |
| |
<li>The MySQL www@localhost user must always have a password of 'localhostkey' |
| |
in order for there to be correct operation of a standard LON-CAPA system. |
| |
</li> |
| </ul> |
</ul> |
| |
<p> |
| |
The following instructions assume you are logged in as 'root'. |
| |
</p> |
| |
<p>Entering the mysql shell</p> |
| <table bgcolor="#aaaaaa" border="1"><tr><td> |
<table bgcolor="#aaaaaa" border="1"><tr><td> |
| <caption>Entering the mysql shell</caption> |
|
| <pre> |
<pre> |
| mysql -u root -p mysql |
mysql -u root -p mysql |
| OR |
OR |
| mysql -u root (depending on whether you have set a root password) |
mysql -u root mysql (depending on whether you have set a root password) |
| </pre> |
</pre> |
| </td></tr></table> |
</td></tr></table> |
| |
<p>Creating the mysql 'www' user (after entering mysql shell)</p> |
| <table bgcolor="#aaaaaa" border="1"><tr><td> |
<table bgcolor="#aaaaaa" border="1"><tr><td> |
| <caption>Creating the mysql 'www' user (after entering mysql shell)</caption> |
|
| <pre> |
<pre> |
| mysql> CREATE DATABASE loncapa; |
mysql> CREATE DATABASE loncapa; |
| |
|
| mysql> INSERT INTO user (Host, User, Password) |
mysql> INSERT INTO user (Host, User, Password) |
| mysql> VALUES ('localhost','www',password('WWWPASSWORD')); |
mysql> VALUES ('localhost','www',password('localhostkey')); |
| |
|
| mysql> GRANT ALL PRIVILEGES ON *.* TO www@localhost; |
mysql> INSERT INTO db VALUES ('localhost','loncapa','www', |
| |
mysql> 'Y','Y','Y','Y','Y','Y','N','Y','Y','Y'); |
| |
|
| mysql> FLUSH PRIVILEGES; |
mysql> FLUSH PRIVILEGES; |
| </pre> |
</pre> |
| </td></tr></table> |
</td></tr></table> |
| |
<p>SECURITY: set a password for the mysql 'root' user</p> |
| <table bgcolor="#aaaaaa" border="1"><tr><td> |
<table bgcolor="#aaaaaa" border="1"><tr><td> |
| <caption>SECURITY: set a password for the mysql 'root' user</caption> |
|
| <pre> |
|
| shell> mysql -u root mysql |
|
| mysql> SET PASSWORD FOR root@localhost=PASSWORD('ROOTPASSWORD'); |
|
| </pre> |
|
| </td></tr></table> |
|
| <table bgcolor="#aaaaaa" border="1"><tr><td> |
|
| <caption>SECURITY: set a password for the mysql 'root' user</caption> |
|
| <pre> |
<pre> |
| shell> mysql -u root mysql |
shell> mysql -u root mysql |
| mysql> SET PASSWORD FOR root@localhost=PASSWORD('ROOTPASSWORD'); |
mysql> SET PASSWORD FOR root@localhost=PASSWORD('ROOTPASSWORD'); |
| </pre> |
</pre> |
| </td></tr></table> |
</td></tr></table> |
| |
<p>SECURITY: only allow access from localhost</p> |
| <table bgcolor="#aaaaaa" border="1"><tr><td> |
<table bgcolor="#aaaaaa" border="1"><tr><td> |
| <caption>SECURITY: only allow access from localhost</caption> |
|
| <pre> |
<pre> |
| shell> mysql -u root -p mysql |
shell> mysql -u root -p mysql |
| mysql> DELETE * FROM user WHERE host<>'localhost'; |
mysql> DELETE FROM user WHERE host<>'localhost'; |
| </pre> |
</pre> |
| </td></tr></table> |
</td></tr></table> |
| <a name="testing" /> |
<a name="testing" /> |
![[BACK]](/icons/back.gif){kind=icon}
Return to install.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / doc / build